5/15/11

Port 135 Protocol

Computers have "ports," which are sockets to which connections to peripherals are attached. In networking, however, there is another group of ports. These are logical endpoints of a connection. Certain programs are assigned to ports. Traffic arriving with a port number is directed to the associated program.

  • Function

    • When a computer receives a connection on port 135, it knows to direct the traffic to the "Endpoint Mapper" (epmap) of Remote Procedure Call (RPC). There are many implementations of RPC, each with different ports assigned. This is the original RPC produced by the Open Group for its Distributed Computer Environment (DCE).

    Purpose

    • RPC is integrated into many applications, and so the standard protocol for directing port traffic needs another layer for port 135. The Endpoint Mapper receives RPC connections and redirects the traffic to other ports assigned for the applications into which RPC is integrated.

    Problem

    • Endpoint Mapper is exploited by viruses. Repeated calls to port 135 cause a computer to overload. This is called a "denial of service attack." The "Blaster" virus attacks at port 135.

    • At time

    No comments:

    Post a Comment

    Please do not spam.